Banks and other secure transaction providers are wary to provide online banking applications to customer without ensuring that these applications are secure and that a mechanism is in place to properly authenticate users. In some systems, encrypted sessions are used between the user and bank, and the user is required to enter a secret password in order to gain access.
In one conventional approach, as an online banking application interacts with the user, the online banking application sends usage data to an external authentication server which is able to perform an analysis of usage patterns to authenticate the identity of the user as the proper customer.